Cisco Systems has fixed a pair of flaws in its Internetwork Operating System (IOS) that attackers could exploit to cause a denial of service or tamper with data in a device's file system.
The IOS improperly verifies user credentials within the FTP server, Cisco said in an advisory.
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
The flaws affect Cisco IOS versions 11.3, 12.0, 12.1, 12.2, 12.3 and 12.4.
However, the IOS FTP server is an optional service disabled by default, Cisco noted. Devices that are not specifically configured to enable the IOS FTP server service are unaffected by the flaws.